{"updated":"2025-01-21T20:54:30.057344+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00077515","sets":["581:6276:6531"]},"path":["6531"],"owner":"11","recid":"77515","title":["トラフィックパターンを隠すアプリケーションベースVPNの実現方式"],"pubdate":{"attribute_name":"公開日","attribute_value":"2011-09-15"},"_buckets":{"deposit":"fc08e9b0-3012-45a6-871d-48383d5e602d"},"_deposit":{"id":"77515","pid":{"type":"depid","value":"77515","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"トラフィックパターンを隠すアプリケーションベースVPNの実現方式","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"トラフィックパターンを隠すアプリケーションベースVPNの実現方式"},{"subitem_title":"Implementation of an Application Based VPN that Conceals Traffic Patterns","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"一般論文","subitem_subject_scheme":"Other"}]},"item_type_id":"2","publish_date":"2011-09-15","item_2_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"情報セキュリティ大学院大学／海上自衛隊"},{"subitem_text_value":"情報セキュリティ大学院大学"}]},"item_2_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Institute of Information Security / Japanese Maritime Self-Defense Force","subitem_text_language":"en"},{"subitem_text_value":"Institute of Information Security","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/77515/files/IPSJ-JNL5209033.pdf"},"date":[{"dateType":"Available","dateValue":"2013-09-15"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-JNL5209033.pdf","filesize":[{"value":"746.6 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"8"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"b053cdd5-461c-4701-bf5d-0cf3f8285e57","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2011 by the Information Processing Society of Japan"}]},"item_2_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"三村, 守"},{"creatorName":"田中, 英彦"}],"nameIdentifiers":[{}]}]},"item_2_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Mamoru, Mimura","creatorNameLang":"en"},{"creatorName":"Hidehiko, Tanaka","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_2_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AN00116647","subitem_source_identifier_type":"NCID"}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_6501","resourcetype":"journal article"}]},"item_2_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"1882-7764","subitem_source_identifier_type":"ISSN"}]},"item_2_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"通信内容を調査する必要がないトラフィック分析技術は，暗号通信の分析に適用することが可能である．これらのトラフィック分析技術は暗号通信の内容を解読するものではないが，アプリケーションの種類等の副次的な情報を得ることを可能とする．よって攻撃者のトラフィック分析により，情報システムのアプリケーション等の脆弱性が外部に知られ，不正アクセスを引き起こす可能性が考えられる．しかしながら，OpenSSH，OpenVPN等の既存のアプリケーションベースVPNでは，通信内容を秘匿することはできるが，トラフィック分析から得られる副次的な情報を秘匿することはできない．本論文では，パケット長と送信間隔を変更することにより副次的な情報を秘匿し，トラフィックパターンを隠すアプリケーションベースVPNを試作し，実験によりその特徴を分析するとともに，実装における課題を明らかにする．さらに，実装における課題を解決するために，SCTP（Stream Control Transmission Protocol）を採用し，実装したVPNの性能を検証実験により評価する．","subitem_description_type":"Other"}]},"item_2_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Traffic analysis technologies that do not scan the payload of communications can analyze encrypted traffic. Though these traffic analysis technologies do not decrypt the payload, enable to obtain secondary information e.g., application name. Thus, vulnerabilities of the application installed in the information systems are known outside by the attacker's traffic analysis, and it may cause unauthorized computer access. Though the previous application based VPN such as OpenSSH or OpenVPN protects the payload of communications, can not conceal the secondary information by the traffic analysis technologies. In this paper, we implement the application based VPN that conceals traffic patterns by altering packet sizes and the timing. Our experiments analyze the feature and reveal the problem to implement the application based VPN. In addition, to solve the problem, we adopt SCTP (Stream Control Transmission Protocol), and our verification experiments evaluate the performance of the VPN.","subitem_description_type":"Other"}]},"item_2_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"2865","bibliographic_titles":[{"bibliographic_title":"情報処理学会論文誌"}],"bibliographicPageStart":"2853","bibliographicIssueDates":{"bibliographicIssueDate":"2011-09-15","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"9","bibliographicVolumeNumber":"52"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"created":"2025-01-18T23:33:04.846324+00:00","id":77515,"links":{}}